DETAILED ACTION

Applicant amends claim 44 and cancels claims 47 & 48. 
Applicant adds new claims 79-82. 

Claims 44, 46, 49-62 and 79-82 are presented for examination. 

Response to Arguments 

Applicant's arguments with respect to claims 44, 46, 49-62 and 79-82 have been 
considered but are moot in view of the new grounds of rejection. 

The Examiner addresses issues raised by Applicant. 

1. Applicant argues on page 12 of Remarks, "Ogasawara's authentication is
completed by verification of input personal identification number." 

While the Examiner in no way affirms Applicant's assessment of Ogasawara,
the Applicant and applicant's representative are reminded that a prior art reference must
be considered in its entirety, i.e. as a whole, including portions that would lead away
from the claimed invention; see W.L. Gore & Associates, Inc. v. Garlock, Inc., 721 F.2d
1540, 220 USPQ 303 (Fed. Cir. 1983), cert. denied, 469 U.S. 851 (1984) [MPEP:
2141.02 VI]. Figures 6A-6B clearly establish multiple steps of authentication.

2. Applicant argues on page 12 of Remarks, claim 44 has been amended to recite 
"said enhanced security processing by said cooperating application includes post- 
processing of at least one AKA output parameter produced by the AKA module in 
response to the one or more AKA process commands, said post-processing including 
encapsulation of said at least one AKA output parameter to generate a further AKA
parameter that has higher security than said at least one AKA output parameter
produced in response to the one or more AKA process commands" (emphasis added by
Examiner).

To the extent Applicant's arguments may apply, the Examiner introduces Aura 
(U.S. Pat 6711400 B1). 

The fact that the Examiner may not have specifically responded to any particular
arguments made by Applicant and Applicant's Representative should not be construed
as indicating Examiner's agreement therewith.

Claim Objections 

Claim 82 is objected to because of the following informalities: 

Claim 82 recites "wherein said said one or more AKA process commands"
(emphasis added) and it is believed the extra word should be removed.

Appropriate correction is required. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the
invention was made to a person having ordinary skill in the art to which said subject matter pertains.
Patentability shall not be negatived by the manner in which the invention was made.

3. Claims 44, 46, 49-59, 61 and 79-82 are rejected under 35 U.S.C. 103(a) as being
unpatentable over "Wireless Identity Module," 12 July 2001, Wireless Application
Protocol, WAP-260-WIM-20010712-a, hereinafter referred to as WIM, in view of
Ogasawara (U.S. Pat 4853522 A), hereinafter referred to as Ogasawara, in further view
of Aura (U.S. Pat 6711400 B1), hereinafter referred to as Aura.

Re claim 44 : WIM teaches a tamper-resistant security device (page 94: "13.2
WIM for Networks Not Utilizing a Smartcard Based SIM; networks that do not utilize a
smartcard based SIM, the WIM can be implemented in a tamper-resistant device,
other than a smartcard") for use in a user device (page 8: "An example of a WIM
implementation is a smart card. In the phone, it can be the Subscriber Identity Module
(SIM) card or an external smart card.") comprising:

memory for storing user credentials, including at least a security key associated
with a user of the user device; an Authentication and Key Agreement (AKA) module for
performing an AKA process with said security key (page 8: "The WAP Identity Module
(WIM) is used in performing WTLS and application level security functions, and
especially, to store and process information needed for user identification and
authentication. The functionality presented here is based on the requirement that
sensitive data, especially keys, can be stored in the WIM, and all operations where
these keys are involved can be performed in the WIM");

a hardware communications interface for receiving one or more external AKA 
process commands from a device external to the tamper-resistant security device and 
returning processing results performed in the tamper-resistant security device in 
response to the one or more AKA process commands (Page 8: "The WAP Identity
Module (WIM) is used in performing WTLS and application level security functions, and
especially, to store and process information needed for user identification and
authentication. The functionality presented here is based on the requirement that
sensitive data, especially keys, can be stored in the WIM, and all operations where
these keys are involved can be performed in the WIM;" "An example of a WIM
implementation is a smart card. In the phone, it can be the Subscriber Identity Module
(SIM) card or an external smart card. The way which a phone and a smart card interact
is specified as a command-response protocol, using Application Protocol Data Units
(APDU) specific to this application. This specification is based on ISO7816 series of
standards on smart cards and the related GSM specifications [GSM11.11], where
applicable." page 17, section 6.1, p-P; page 18, section 6.2.2).

However, WIM does not expressly disclose a cooperating application, contained 
within the tamper-resistant security device and having been given access rights to 
access the AKA module, configured to selectively receive the one or more AKA process 
commands and selectively provide enhanced security processing of the one or more 
AKA process commands. 

Ogasawara teaches a cooperating application (col 2, lines 37-39), contained 
within the tamper-resistant security device [Figure 1] and having been given access 
rights to access the AKA module, configured to selectively receive the one or more AKA 
process commands and selectively provide enhanced security processing of the one or 
more AKA process commands (col 2, lines 66-67; col 3, lines 29-37; col 3, lines 55-66; 
col 4, lines 30-35).

It would have been obvious to one of ordinary skill in the art at the time the
invention was made to have modified the teachings of WIM with the teachings of
Ogasawara, for the purpose of authenticating commands prior to granting access; it is
known in the art that authentication preceding further actions preempts potential
security issues.

The combination of WIM and Ogasawara teaches an application interface 
internal to the tamper-resistant security device for interfacing said AKA module and said 
cooperating application so that the cooperating application performs the enhanced 
security processing in conjunction with the AKA module within the tamper-resistant 
security device (WIM: page 8: "An example of a WIM implementation is a smart card. In
the phone, it can be the Subscriber Identity Module (SIM) card or an external smart
card. The way which a phone and a smart card interact is specified as a
command-response protocol, using Application Protocol Data Units (APDU) specific to this
application. This specification is based on ISO7816 series of standards on smart cards
and the related GSM specifications [GSM11.11], where applicable." Ogasawara: col 2,
lines 43-45).

However, the combination of WIM and Ogasawara does not expressly disclose 
wherein said enhanced security processing by said cooperating application includes 
post-processing of at least one AKA output parameter produced by the AKA module in 
response to the one or more AKA process commands, said post-processing including 
encapsulation of said at least one AKA output parameter to generate a further AKA 
parameter that has higher security than said at least one AKA output parameter
produced in response to the one or more AKA process commands. 

Yet Aura teaches wherein said enhanced security processing by said 
cooperating application includes post-processing of at least one AKA output parameter 
produced by the AKA module (Fig 4, elts 405 & 407; col 6, lines 39-49; col 7, lines 13- 
27) in response to the one or more AKA process commands (Fig 4, elts 401-404; col 6, 
lines 11-37), said post-processing including encapsulation of said at least one AKA 
output parameter to generate a further AKA parameter that has higher security than 
said at least one AKA output parameter (col 6, lines 40-62; col 6, line 66 - col 7, line 6) 
produced in response to the one or more AKA process commands (col 6, lines 11-37).

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM and Ogasawara with the 
teachings of Aura, for the purpose of mutually authenticating two devices and verifying 
the reliability of the communications network used to authenticate the two devices (col 
8, lines 48-49). 

Re claim 46 : The combination of WIM, Ogasawara and Aura teaches enhanced 
security processing includes pre-processing of at least one AKA input parameter (WIM: 
page 26: section 7.2.4.6; page 31: "Establishing pre-master secret;" Aura: col 2, lines
26-58). 

Re claim 49 : The combination of WIM, Ogasawara and Aura teaches enhanced 
security processing includes evaluation of a predetermined number of consecutive AKA 
input parameters for verifying that said AKA input parameters can be used securely 
(WIM: page 18: "Signature verification by WIM may be used in cases where an
application needs verification capability (e.g. certificate or end entity signature
verification) but the verification algorithm is not present in the ME, or the verification
algorithm implementation is more efficient in the WIM.").

Re claim 50 : The combination of WIM, Ogasawara and Aura teaches enhanced
security processing further includes combination of a predetermined number of 
consecutive AKA output parameters generated in response to a number of 
corresponding unique AKA input parameters (WIM: see various APDU commands: 
pages 74-78). 

Re claim 51 : The combination of WIM, Ogasawara and Aura teaches means for 
registration or detection of information representative of security conditions in relation to 
said tamper-resistant security device; and means for performing security policy 
processing based on said information (col 2, lines 66-67; col 3, lines 29-37; col 3, lines 
55-66; col 4, lines 30-35). 

Re claim 52 : The combination of WIM, Ogasawara and Aura teaches the security 
conditions reflect at least one of an environment in which said security device is 
operated and a network interface over which a request for AKA processing originates 
(WIM: page 8: "The Wireless Application Protocol (WAP) is a result of continuous work 
to define an industry-wide specification for developing applications that operate over 
wireless communication networks,"). 

Re claim 53 : The combination of WIM, Ogasawara and Aura teaches security 
policy processing includes at least one of a security policy decision process and a 
security policy enforcement process (WIM: page 8: "This specification does not define
exact requirements for tamper-resistance. Businesses can enforce certain requirements
and policies using PKI based mechanisms. Applications should only accept certificates
signed by Certification Authorities that are known to fulfil the requirements and
policies.").

Re claim 54 : The combination of WIM, Ogasawara and Aura teaches means for 
performing security policy processing comprises means for selectively disabling direct 
access to said AKA module (WIM: page 95: "In a typical case, the PIN-G is used to
protect all files (which need to be protected) and keys except non-repudiation keys. If
the PIN-G is not disabled, the ME must send the PIN-G after the WIM application is
selected, in order to be able to use keys and perform other operations that require the
PIN-G. More precisely, the ME SHOULD do the following when the security functions are
required the first time.").

Re claim 55 : The combination of WIM, Ogasawara and Aura teaches tamper- 
resistant security device comprises means for detecting whether said tamper-resistant 
security device is operated in its normal environment or in an environment considered 
insecure (WIM: page 49: "For the WAP-WTLS application there are two predefined SEs
with their associated number,"), and said means for performing security policy
processing comprises means for disabling direct access to said AKA module when
operated in said insecure environment (WIM: page 95: "In a typical case, the PIN-G is
used to protect all files (which need to be protected) and keys except non-repudiation
keys. If the PIN-G is not disabled, the ME must send the PIN-G after the WIM
application is selected, in order to be able to use keys and perform other operations that
require the PIN-G. More precisely, the ME SHOULD do the following when the secure
functions are required the first time.").

Re claim 56 : The combination of WIM, Ogasawara and Aura teaches said
cooperating application includes a security enhancing application, and said security 
device further comprises means for transferring a request for AKA processing directly to 
said AKA module if said security device is operated in an environment considered 
secure, and means for transferring said request to said security enhancing application if 
said security device is operated in an environment considered insecure (WIM: page 74, 
section 11.3.6.4: "PERFORM SECURITY OPERATIONS").

Re claim 57 : The combination of WIM, Ogasawara and Aura teaches cooperating 
application is performing at least part of the computations in connection with end-to-end 
key agreement between users (WIM: page 26, section 7.2.4.5: "WIM-KeyAgreement"). 

Re claim 58 : The combination of WIM, Ogasawara and Aura teaches cooperating 
application is masking key information generated by said AKA module (WIM: page 17: 
"The WIM is used to protect permanent typically certified, private keys. The WIM stores
these keys and performs operations using these keys;" page 18: "Application level
security operations that use the WIM include signing and unwrapping a key").

Re claim 59 : The combination of WIM, Ogasawara and Aura teaches cooperating 
application is a software application installed in an application environment of said 
tamper-resistant security device (WIM: page 63: "The WIM application may have to
reside on the card with other applications, e.g. GSM. It is selected using an Application
Identifier (AID) which is a combination of a Registered Application Provider Identifier
(RID) and a Proprietary Application Identifier Extension (PIX) [ISO7816-5].").

Re claim 61 : The combination of WIM, Ogasawara and Aura teaches cooperating 
application is a privacy enhancing application, which participates in managing a user 
pseudonym (WIM: page 12: "A tamper-resistant device which is used in performing
WTLS and application level security functions, and especially, to store and process
information needed for user identification and authentication.").

Re claim 79 : The combination of WIM, Ogasawara and Aura teaches said one or 
more AKA process commands include a random challenge [Fig 4, elts 401 & 404] and 
said at least one AKA output parameter [Fig 4, elt 405] includes a response to the 
random challenge that matches the random challenge (Aura: col 6, lines 30-49). 

Re claim 80 : The combination of WIM, Ogasawara and Aura teaches said 
response is encapsulated using a function applied to manipulate the response to 
produce a higher security response (Aura: col 6, line 48 - col 7, line 6). 

Re claim 81 : The combination of WIM, Ogasawara and Aura teaches said 
function is a keyed function (Aura: col 6, line 48 - col 7, line 6). 

Re claim 82 : The combination of WIM, Ogasawara and Aura teaches said one or 
more AKA process commands include multiple random challenges [Fig 4, elts 401 & 
404; see elements RAND1 & RAND2] and said at least one AKA output parameter 
includes multiple responses to the random challenges and said function is a keyed 
function of the multiple responses (Aura: Fig 4, elts 406, 407, 408 & 409; col 7, lines 13- 
46).

4. Claim 60 is rejected under 35 U.S.C. 103(a) as being unpatentable over "Wireless
Identity Module," 12 July 2001, Wireless Application Protocol,
WAP-260-WIM-20010712-a, hereinafter referred to as WIM, Ogasawara (U.S. Pat 4853522 A),
hereinafter referred to as Ogasawara and Aura (U.S. Pat 6711400 B1), hereinafter
referred to as Aura, in further view of Vatanen et al (WO 00/48416), hereinafter referred
to as Vatanen.

Re claim 60 : The combination of WIM, Ogasawara and Aura teaches all the 
limitations of claim 59 as previously discussed. 

However, Vatanen teaches said cooperating application is securely downloaded 
into said tamper-resistant security device from a trusted party (page 4, line 34 - page 5, 
line 3). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM, Ogasawara and Aura with 
the teachings of Vatanen, for the purpose of installing authenticate applications on a 
portable device, as is known in the art. 

5. Claim 62 is rejected under 35 U.S.C. 103(a) as being unpatentable over "Wireless
Identity Module," 12 July 2001, Wireless Application Protocol,
WAP-260-WIM-20010712-a, hereinafter referred to as WIM, Ogasawara (U.S. Pat 4853522 A),
hereinafter referred to as Ogasawara and Aura (U.S. Pat 6711400 B1), hereinafter
referred to as Aura, in further view of Miyoshi (U.S. Pat Pub 2003/0074570 A1),
hereinafter referred to as Miyoshi.

Re claim 62 : The combination of WIM, Ogasawara and Aura teaches all the 
limitations of claim 61 as previously discussed. 

However, Vatanen teaches said privacy enhancing application is configured to 
request an AKA response from said AKA module based on an old user pseudonym and 
generate a new user pseudonym based on the received AKA response (Fig 5: elements 
"RETURN TEMPORARY INTERFACE ID" and "DISTRIBUTE NEW REAL INTERFACE 
ID"). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM, Ogasawara and Aura with 
the teachings of Vatanen, for the purpose of updating access information on portable 
devices, as is known in the art. 

Conclusion 

Examiner's Note: Examiner has cited particular columns and line numbers in the 
references applied to the claims above for the convenience of the applicant. Although 
the specified citations are representative of the teachings of the art and are applied to 
specific limitations within the individual claim, other passages and figures may apply as 
well. It is respectfully requested from the applicant in preparing responses to fully 
consider the references in entirety as potentially teaching all or part of the claimed 
invention, as well as the text of the passage taught by the prior art or disclosed by the
examiner. 

In the case of amending the claimed invention, Applicant is respectfully
requested to indicate the portion(s) of the specification which dictate(s) the structure
relied on for proper interpretation and also to verify and ascertain the metes and bounds 
of the claimed invention. 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to DARREN SCHWARTZ whose telephone number is 
(571)270-3850. The examiner can normally be reached on 7am-4pm. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Kim Vu can be reached on (571)272-3859. The fax phone number for the
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/D. S./

Examiner, Art Unit 2435 
/Kimyen Vu/ 
Supervisory Patent Examiner, Art Unit 2435 



